Firebox Denying Traffic: HTTPS Invalid Protocol
Firebox T40
Version 12.7.1.B644848
We replaced a failed network device related to car wash equipment. The device is the same model # as the previous one. It's assigned IP 10.11.17.129. We had no firewall policies in place for the previous device. However, the device is being blocked by the firewall when communicating with an external server. We are receiving the following in Traffic Monitor:
2022-06-08 16:35:08 Deny 10.11.17.129 72.78.XXX.XXX https/tcp 1057 443 Trusted External ProxyDrop: HTTPS invalid protocol (HTTPS-proxy-00) proc_id="https-proxy" rc="594" msg_id="2CFF-0007" proxy_act="Default-HTTPS-Client" length="0"
2022-06-08 16:35:08 Deny 10.11.17.129 72.78.XXX.XXX https/tcp 1057 443 Trusted External HTTPS Request (HTTPS-proxy-00) proc_id="https-proxy" rc="548" msg_id="2CFF-0000" app_id="0" app_cat_id="0" proxy_act="Default-HTTPS-Client" action="drop" sent_bytes="64" rcvd_bytes="0" tls_version="SSL_0" tls_profile="TLS-Client-HTTPS.Standard" sig_vers="18.060"
Please let me know if additional information is needed. Any thoughts or suggestions would be much appreciated.
Thank you!
Shellie
Comments
Add an HTTPS packet filter From: 10.11.17.129 To: Any-external
Also, you should do the free upgrade to 12.7.2 Update 2 - the Cyclops Blink remediation version.
Thanks for the info and timely response, Bruce. Should the packet filter be above the default HTTPS-proxy policy?
Shellie
Yes.
And it will normally get put there automatically.
Thank you sooo much, Bruce. Your solution resolved the issue. Appreciate the time and guidance, sir!
Shellie
My pleasure
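
The "HTTPS invalid protocol" drops quoted in the question can be summarized per source and destination with a short script; this is an added example, not part of the original thread or of WatchGuard tooling. The sample lines are constructed in the Traffic Monitor format shown above (documentation-range addresses, an assumed tls_version value on the allowed line), and the parser assumes single-token interface names.

```python
import re
from collections import defaultdict

# Constructed sample lines in the Traffic Monitor format quoted in the thread
# (documentation-range addresses; not real log data).
SAMPLE_LOG = """\
2022-06-08 16:35:08 Deny 10.11.17.129 203.0.113.10 https/tcp 1057 443 Trusted External ProxyDrop: HTTPS invalid protocol (HTTPS-proxy-00) proc_id="https-proxy" rc="594" msg_id="2CFF-0007" proxy_act="Default-HTTPS-Client" length="0"
2022-06-08 16:35:08 Deny 10.11.17.129 203.0.113.10 https/tcp 1057 443 Trusted External HTTPS Request (HTTPS-proxy-00) proc_id="https-proxy" rc="548" msg_id="2CFF-0000" proxy_act="Default-HTTPS-Client" action="drop" sent_bytes="64" rcvd_bytes="0" tls_version="SSL_0"
2022-06-08 16:36:11 Allow 10.11.17.20 198.51.100.7 https/tcp 50211 443 Trusted External HTTPS Request (HTTPS-proxy-00) proc_id="https-proxy" rc="548" msg_id="2CFF-0000" proxy_act="Default-HTTPS-Client" action="allow" sent_bytes="913" rcvd_bytes="4410" tls_version="TLS_V12"
2022-06-08 16:40:02 Deny 10.11.17.129 203.0.113.10 https/tcp 1058 443 Trusted External ProxyDrop: HTTPS invalid protocol (HTTPS-proxy-00) proc_id="https-proxy" rc="594" msg_id="2CFF-0007" proxy_act="Default-HTTPS-Client" length="0"
"""

# Fixed leading fields: timestamp, disposition, src, dst, service, ports.
HEADER = re.compile(
    r"^(?P<ts>\S+ \S+) (?P<disp>Allow|Deny) (?P<src>\S+) (?P<dst>\S+) "
    r"(?P<svc>\S+) (?P<sport>\d+) (?P<dport>\d+) (?P<rest>.*)$")
KV = re.compile(r'(\w+)="([^"]*)"')  # trailing key="value" attributes


def parse_line(line):
    """Return one log line as a dict, or None if it does not match the format."""
    m = HEADER.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rest = rec.pop("rest")
    rec.update(KV.findall(rest))             # proc_id, msg_id, tls_version, ...
    rec["text"] = KV.sub("", rest).strip()   # interfaces + message + policy name
    return rec


def invalid_protocol_sources(log_text):
    """Group 'HTTPS invalid protocol' denies by source IP."""
    hits = defaultdict(lambda: {"count": 0, "dests": set()})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["disp"] == "Deny" and "HTTPS invalid protocol" in rec["text"]:
            hits[rec["src"]]["count"] += 1
            hits[rec["src"]]["dests"].add(f'{rec["dst"]}:{rec["dport"]}')
    return dict(hits)


if __name__ == "__main__":
    for src, info in invalid_protocol_sources(SAMPLE_LOG).items():
        print(src, info["count"], sorted(info["dests"]))
```

The destinations it reports show which external servers the device actually talks to, which is what a packet filter's To field would need if it were scoped more tightly than Any-external.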